Privacy Policy
Updated December 12, 2019
Last Updated: March 1, 2026
1. Introduction and Data Controller
Serenichron SRL (“we”, “us”, “our”, or “the Company”) is committed to protecting the privacy and personal data of all individuals who interact with our website and services.
Data Controller:
Serenichron SRL
Website: https://serenichron.com
Privacy Contact: [email protected]
This Privacy Policy explains how we collect, use, store, and share your personal data when you visit our website or engage with our services. It is intended to comply with the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and other applicable data protection legislation.
2. What Data We Collect
We may collect the following categories of personal data:
Contact and Identity Data
- Name, email address, phone number, company name, job title
- Information submitted through contact forms, live chat, or appointment scheduling
Usage and Technical Data
- IP address, browser type and version, operating system
- Pages visited, time on site, referral source, device identifiers
- Clickstream data and interaction patterns
Marketing and Communications Data
- Email open rates, click-through rates, campaign responses
- Marketing preferences and consent records
Commercial Data
- Purchase history, invoice information, payment transaction records (processed by WooCommerce and its payment gateway partners)
Cookie and Tracking Data
- Cookie identifiers, advertising identifiers, session replay data, heatmap interactions
- UTM parameters, funnel progression, affiliate referral data
3. Lawful Basis for Processing
We process your personal data on the following lawful bases under Article 6 GDPR:
| Processing Purpose | Lawful Basis |
|---|---|
| Responding to enquiries and providing requested services | Contract / Legitimate Interests |
| Sending marketing communications to existing contacts | Legitimate Interests (with opt-out) |
| Website analytics to improve performance | Consent (via cookie banner) |
| Advertising measurement and conversion tracking | Consent (via cookie banner) |
| Remarketing and retargeted advertising | Consent (via cookie banner) |
| Session recording and heatmaps | Consent (via cookie banner) |
| Affiliate tracking | Consent (via cookie banner) |
| Processing payments and fulfilling orders | Contract |
| Compliance with legal obligations | Legal Obligation |
| Security, fraud prevention, and service integrity | Legitimate Interests |
Where we rely on consent as the lawful basis, you may withdraw that consent at any time without affecting the lawfulness of processing carried out before withdrawal. You can manage your preferences through our cookie consent tool.
4. Cookies and Tracking Technologies
Our website uses cookies and similar tracking technologies. We use Complianz as our cookie consent management platform. Upon your first visit, you will be presented with a cookie consent banner that allows you to accept or reject specific categories of cookies.
4.1 Cookie Categories
Strictly Necessary Cookies
These cookies are essential for the website to function and cannot be disabled. They include session management, security tokens, and the Complianz consent preference record.
Functional Cookies
Cookies that enhance your experience, such as remembering preferences and enabling live chat functionality (HubSpot).
Analytics Cookies
Used to understand how visitors interact with our website. Collected data is aggregated and pseudonymised.
Marketing / Statistics Cookies
Used for advertising measurement, conversion tracking, and remarketing. These cookies track your activity across websites to serve relevant advertising.
4.2 Third-Party Tools and Services
The following technologies are deployed on our website. Each may set its own cookies or collect data as described:
Google Analytics 4 (Property ID: G-LK9H64SDS8)
Used for website analytics, including page views, session duration, traffic sources, and user behaviour. Data is processed by Google LLC (USA). We use Google Consent Mode v2 so that, where applicable, consent signals are passed to Google before any measurement data is collected.
Google Privacy Policy
Google Ads (Account: AW-16986239325)
Used for conversion tracking (measuring actions taken after clicking our ads) and remarketing (showing targeted ads to previous visitors across the Google Display Network and YouTube). Data is processed by Google LLC (USA).
Google Ads Privacy
Google Tag Manager (Container: GTM-TWMRZSB)
A tag management system that loads and manages other tracking scripts on our website. GTM itself does not collect personal data but enables the tools listed here to function. Consent signals from Complianz are passed through GTM.
Google Privacy Policy
HubSpot (Portal ID: 147807841)
Used for CRM, email marketing, lead tracking, and live chat. HubSpot may set tracking cookies to identify returning visitors and attribute form submissions or chat conversations to marketing campaigns. Data is processed by HubSpot, Inc. (USA).
HubSpot Privacy Policy
Contentsquare / Hotjar (Site ID: 6409427)
Used for session recording, heatmaps, and user behaviour analysis. This tool records mouse movements, clicks, and scrolling to help us understand usability. Recordings are masked to avoid capturing sensitive information. Data is processed by Contentsquare SAS (France / USA).
Hotjar Privacy Policy
Calendly
Used for appointment scheduling. When you book a meeting through our website, Calendly collects your name, email address, and any other information you provide in the booking form. Data is processed by Calendly LLC (USA).
Calendly Privacy Policy
Complianz
Our cookie consent management platform. Complianz stores your cookie preferences locally in a first-party cookie so that your choices are remembered on future visits.
Complianz Privacy Policy
AffiliateWP
Used to track affiliate referrals when visitors arrive at our website via a registered affiliate partner link. Referral data is stored to attribute sales or leads correctly and to calculate affiliate commissions.
FunnelKit
Used for conversion funnel tracking, A/B testing of landing pages, and UTM parameter capture. FunnelKit records how visitors progress through conversion flows and attributes leads to specific marketing campaigns.
Cloudflare
Our website is delivered through Cloudflare’s Content Delivery Network (CDN). Cloudflare processes IP addresses for security purposes, including DDoS mitigation and bot detection. Cloudflare also provides SSL/TLS encryption.
Cloudflare Privacy Policy
WooCommerce
Used for e-commerce functionality, including processing orders and managing payments. Payment data is processed by our payment gateway provider(s) and is not stored on our servers in full. WooCommerce is built on WordPress and data is stored on our hosting infrastructure within the EU.
Automattic Privacy Policy
5. Remarketing and Retargeted Advertising
We use remarketing and retargeted advertising features provided by Google Ads, and may also use similar features from Meta (Facebook/Instagram) and LinkedIn. These services allow us to show tailored advertisements to people who have previously visited our website when they browse other websites or platforms.
This is achieved through advertising cookies placed on your device (subject to your consent). These cookies enable Google, Meta, LinkedIn, and their network partners to recognise your device and serve relevant ads.
You may opt out of personalised advertising by:
- Managing your preferences through our cookie consent tool
- Visiting Google Ad Settings
- Visiting Facebook Ad Preferences
- Visiting LinkedIn Ad Opt-Out
- Using the NAI Opt-Out Tool
6. How We Use Your Data
We use your personal data to:
- Deliver our professional services and respond to business enquiries
- Manage client relationships through our CRM (HubSpot)
- Send relevant marketing communications (you may unsubscribe at any time)
- Analyse website performance and improve user experience
- Measure the effectiveness of advertising campaigns
- Process payments and manage commercial transactions
- Attribute leads and sales to affiliate partners
- Detect and prevent fraud, abuse, and security incidents
- Comply with applicable legal and regulatory obligations
7. Data Retention
We retain personal data only for as long as necessary for the purposes for which it was collected, or as required by law.
| Data Category | Retention Period |
|---|---|
| Website analytics (GA4) | 14 months (GA4 default, configurable) |
| CRM and contact records (HubSpot) | Duration of business relationship + 3 years |
| Email marketing records | Until unsubscribed + 3 years |
| Financial and payment records | 10 years (Romanian and EU legal requirement) |
| Cookie consent records (Complianz) | 1 year |
| Session recordings (Hotjar) | 365 days |
| Affiliate referral data | Duration of affiliate agreement + 2 years |
When data is no longer needed, it is securely deleted or anonymised.
8. International Data Transfers
Some of the third-party services we use transfer personal data outside the European Economic Area (EEA), including to the United States. We ensure that such transfers are subject to appropriate safeguards under Chapter V of the GDPR, including:
- Standard Contractual Clauses (SCCs) adopted by the European Commission
- EU-U.S. Data Privacy Framework (where applicable)
- Adequacy decisions, where they exist
Affected service providers include: Google (Analytics, Ads, Tag Manager), HubSpot, Calendly, and Hotjar/Contentsquare. We have entered into or rely on the respective Data Processing Agreements (DPAs) with each provider.
9. Your Data Subject Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of Access — Request a copy of the personal data we hold about you (Article 15)
- Right to Rectification — Request correction of inaccurate data (Article 16)
- Right to Erasure — Request deletion of your data (“right to be forgotten”) where applicable (Article 17)
- Right to Restriction of Processing — Ask us to restrict how we use your data (Article 18)
- Right to Data Portability — Receive your data in a structured, machine-readable format (Article 20)
- Right to Object — Object to processing based on legitimate interests or for direct marketing (Article 21)
- Rights related to automated decision-making — Not to be subject to solely automated decisions that produce significant effects (Article 22)
- Right to Withdraw Consent — Where processing is based on consent, withdraw it at any time without detriment
To exercise any of these rights, please contact us at: [email protected]
We will respond within 30 days. In complex cases, we may extend this by a further two months and will notify you accordingly.
You also have the right to lodge a complaint with your national supervisory authority. In Romania, this is the Autoritatea Națională de Supraveghere a Prelucrării Datelor cu Caracter Personal (ANSPDCP):
Website: https://www.dataprotection.ro
Email: [email protected]
10. Data Security
We implement appropriate technical and organisational measures to protect your personal data against unauthorised access, accidental loss, destruction, or alteration. These measures include:
- SSL/TLS encryption for all data transmitted to and from our website (enforced via Cloudflare)
- Access controls limiting data access to authorised personnel
- Regular security assessments and updates
- Data processor agreements with all third-party service providers
While we take these measures seriously, no method of internet transmission or storage is 100% secure.
11. Third-Party Links
Our website may contain links to third-party websites. This Privacy Policy applies only to our website. We are not responsible for the privacy practices of third-party sites and encourage you to review their policies before providing personal data.
12. Children’s Privacy
Our website and services are directed at business professionals and are not intended for individuals under 16 years of age. We do not knowingly collect personal data from children. If you believe a child has provided us with personal data, please contact us at [email protected].
13. Changes to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, services, or applicable law. The updated version will be posted on this page with a revised “Last Updated” date. Where changes are material, we will provide more prominent notice (such as an email notification to subscribers, if applicable).
14. Contact Us
For any privacy-related questions, requests, or complaints, please contact us:
Serenichron SRL
Email: [email protected]
Website: https://serenichron.com
This Privacy Policy was last reviewed and updated on March 1, 2026.